Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/007d5f-5b07-4eaf-a732-3ba436a3cc68/1/aEYL4PgNccSI-krSQMs-abXxZLM.roa
File:                     aEYL4PgNccSI-krSQMs-abXxZLM.roa (raw, json)
Hash identifier:          wrV/QmVxmaW3mcr+1EOU6+swRH6VxN4AU9TbqCVHmQw=
Subject key identifier:   68:46:0B:E0:F8:0D:71:C4:88:FA:4A:D2:40:CB:3E:69:B5:F1:64:B3
Certificate issuer:       /CN=6d3318ffd53e419ca5b5927d37ecf8d63f8d009c
Certificate serial:       0304369A
Authority key identifier: 6D:33:18:FF:D5:3E:41:9C:A5:B5:92:7D:37:EC:F8:D6:3F:8D:00:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bTMY_9U-QZyltZJ9N-z41j-NAJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/007d5f-5b07-4eaf-a732-3ba436a3cc68/1/aEYL4PgNccSI-krSQMs-abXxZLM.roa
Signing time:             Sat 01 Jan 2022 00:54:23 +0000
ROA not before:           Sat 01 Jan 2022 00:54:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50919
IP address blocks:        178.217.234.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 50607770 (0x304369a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d3318ffd53e419ca5b5927d37ecf8d63f8d009c
        Validity
            Not Before: Jan  1 00:54:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=68460be0f80d71c488fa4ad240cb3e69b5f164b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:c2:1c:32:92:05:a5:ab:b1:3b:05:05:2a:49:
                    c8:e3:9d:eb:0a:9a:3c:8c:59:89:d5:02:b9:a0:2c:
                    75:da:87:5e:32:f9:85:2b:08:93:70:b1:7e:98:90:
                    bc:aa:d5:82:ea:e3:6f:e6:4d:40:f7:d4:ed:2d:dc:
                    3e:96:8f:ba:44:12:da:bf:d3:78:07:aa:e8:e6:55:
                    2e:2d:08:05:19:e1:d9:df:e2:41:ae:c6:8f:9a:0b:
                    9a:39:7c:f9:68:f0:ec:ae:ad:e0:d3:36:47:34:4e:
                    e7:8f:f0:6d:8d:fb:de:c7:be:0d:c3:ec:7d:f7:ff:
                    69:d6:f8:05:5c:5e:6f:d7:2c:0f:75:3b:20:ef:8a:
                    fd:63:3e:02:a4:59:15:9f:76:98:d9:bc:3d:eb:b1:
                    ed:b6:b6:2f:a3:3f:37:c7:b6:27:60:8e:06:b1:e7:
                    06:05:41:10:15:13:ed:b0:22:a0:7e:3b:9d:c8:5c:
                    00:40:4b:66:69:e0:6f:e6:46:3b:28:f7:1e:71:d3:
                    29:f8:b5:c8:2c:32:e9:4f:2e:c4:de:89:dd:8a:e7:
                    dd:25:fd:db:60:53:cb:77:d5:5f:41:a9:d4:47:26:
                    c9:b6:a7:1f:34:49:7f:6d:e7:be:42:82:13:e0:6a:
                    9a:60:05:79:5d:ec:3e:ef:c1:99:35:c5:22:af:90:
                    70:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:46:0B:E0:F8:0D:71:C4:88:FA:4A:D2:40:CB:3E:69:B5:F1:64:B3
            X509v3 Authority Key Identifier:
                keyid:6D:33:18:FF:D5:3E:41:9C:A5:B5:92:7D:37:EC:F8:D6:3F:8D:00:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bTMY_9U-QZyltZJ9N-z41j-NAJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/007d5f-5b07-4eaf-a732-3ba436a3cc68/1/aEYL4PgNccSI-krSQMs-abXxZLM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/007d5f-5b07-4eaf-a732-3ba436a3cc68/1/bTMY_9U-QZyltZJ9N-z41j-NAJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.217.234.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:3c:38:7e:13:47:31:e8:75:8f:d6:8a:08:29:a8:b4:44:45:
         7c:9c:b9:58:36:06:8b:1e:49:bb:7f:e8:48:f7:96:c6:f5:53:
         d0:1e:5a:03:95:95:99:7c:fd:01:98:1b:1e:c4:6d:2b:6d:6d:
         9b:09:12:79:d3:23:5a:5b:ba:67:ba:05:00:24:9f:07:30:86:
         f3:9f:3b:7b:31:14:fb:cf:fd:47:ed:89:aa:95:4a:e6:e1:15:
         b5:d4:39:7e:99:25:5e:18:19:28:a2:fe:18:7a:d7:4a:8d:e1:
         b7:af:d3:0d:14:aa:11:8c:69:c1:4b:66:15:14:96:3c:20:40:
         1b:8e:b2:82:d7:9e:41:2d:0f:b9:0f:79:f6:7b:93:c7:3e:11:
         52:b2:84:f4:b2:e2:a6:f3:37:6a:98:57:bb:58:d2:2c:78:31:
         47:77:33:84:2e:04:30:aa:d6:1a:24:30:dc:45:0c:03:ec:76:
         a1:f7:2a:1f:97:1c:03:b9:9e:f3:ba:bf:07:7f:d3:a2:48:ed:
         81:6b:19:81:da:18:f8:51:0a:a0:b4:43:d9:e0:86:51:36:96:
         07:4f:d3:98:af:10:3a:fc:e5:5a:b2:6a:43:18:16:47:a1:15:
         de:32:96:76:bd:50:d2:6b:17:e5:8f:0d:39:0a:5f:04:28:4f:
         06:85:76:30
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAwQ2mjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDMzMThmZmQ1M2U0MTljYTViNTkyN2QzN2VjZjhkNjNmOGQwMDljMB4XDTIyMDEw
MTAwNTQyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjg0NjBiZTBmODBk
NzFjNDg4ZmE0YWQyNDBjYjNlNjliNWYxNjRiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMnCHDKSBaWrsTsFBSpJyOOd6wqaPIxZidUCuaAsddqHXjL5
hSsIk3CxfpiQvKrVgurjb+ZNQPfU7S3cPpaPukQS2r/TeAeq6OZVLi0IBRnh2d/i
Qa7Gj5oLmjl8+Wjw7K6t4NM2RzRO54/wbY373se+DcPsfff/adb4BVxeb9csD3U7
IO+K/WM+AqRZFZ92mNm8Peux7ba2L6M/N8e2J2COBrHnBgVBEBUT7bAioH47nchc
AEBLZmngb+ZGOyj3HnHTKfi1yCwy6U8uxN6J3Yrn3SX922BTy3fVX0Gp1Ecmyban
HzRJf23nvkKCE+BqmmAFeV3sPu/BmTXFIq+QcP8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRoRgvg+A1xxIj6StJAyz5ptfFkszAfBgNVHSMEGDAWgBRtMxj/1T5BnKW1
kn037PjWP40AnDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JUTVlfOVUtUVp5bHRaSjlOLXo0MWotTkFKdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTIvMDA3ZDVmLTViMDctNGVhZi1hNzMyLTNiYTQzNmEzY2M2OC8x
L2FFWUw0UGdOY2NTSS1rclNRTXMtYWJYeFpMTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIv
MDA3ZDVmLTViMDctNGVhZi1hNzMyLTNiYTQzNmEzY2M2OC8xL2JUTVlfOVUtUVp5
bHRaSjlOLXo0MWotTkFKdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALLZ6jANBgkqhkiG9w0BAQsFAAOC
AQEArjw4fhNHMeh1j9aKCCmotERFfJy5WDYGix5Ju3/oSPeWxvVT0B5aA5WVmXz9
AZgbHsRtK21tmwkSedMjWlu6Z7oFACSfBzCG8587ezEU+8/9R+2JqpVK5uEVtdQ5
fpklXhgZKKL+GHrXSo3ht6/TDRSqEYxpwUtmFRSWPCBAG46ygteeQS0PuQ959nuT
xz4RUrKE9LLipvM3aphXu1jSLHgxR3czhC4EMKrWGiQw3EUMA+x2ofcqH5ccA7me
87q/B3/TokjtgWsZgdoY+FEKoLRD2eCGUTaWB0/TmK8QOvzlWrJqQxgWR6EV3jKW
dr1Q0msX5Y8NOQpfBChPBoV2MA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:03 2024 by rpki-client on console-fra.rpki-client.org